688eba5f9b003588621a62a852f1210b1b84f0f6aa5c05c7010257acd7b02d37 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

688eba5f9b003588621a62a852f1210b1b84f0f6aa5c05c7010257acd7b02d37
Size

718KB
Sample

220915-ccry8abfh7
MD5

9ba03e0d51dbce14a4005fe8a73a5f44
SHA1

b9794f244984c60e8d6be6312be53d3a03324c57
SHA256

688eba5f9b003588621a62a852f1210b1b84f0f6aa5c05c7010257acd7b02d37
SHA512

410e64d4a2d1f86133aaa16821d8068e731b106654467da9818ab790c18669107595dfa709fd80118a27a0836a83092a729e159227d64835dd403b748bfdc419
SSDEEP

768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  688eba5f9b003588621a62a852f1210b1b84f0f6aa5c05c7010257acd7b02d37
- Size
  
  718KB
- MD5
  
  9ba03e0d51dbce14a4005fe8a73a5f44
- SHA1
  
  b9794f244984c60e8d6be6312be53d3a03324c57
- SHA256
  
  688eba5f9b003588621a62a852f1210b1b84f0f6aa5c05c7010257acd7b02d37
- SHA512
  
  410e64d4a2d1f86133aaa16821d8068e731b106654467da9818ab790c18669107595dfa709fd80118a27a0836a83092a729e159227d64835dd403b748bfdc419
- SSDEEP
  
  768:rZmchlXKGREW6VA6joSRhFH+C9Pe2auEqainmngYWxuv8Gwmwoe9R4ZstojtfcWv:schl6M+lpDCUoHid0bIrlyR
Score

8^/10

persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1